Class: BetterCap::ProxyOptions

Inherits:

Object

• Object
• BetterCap::ProxyOptions

Defined in:

lib/bettercap/options/proxy_options.rb

Instance Attribute Summary

• #allow_local_connections ⇒ Object

  If true, direct connections to the IP of this machine will be allowed.

• #custom_https_proxy ⇒ Object

  Custom HTTPS transparent proxy address.

• #custom_https_proxy_port ⇒ Object

  Custom HTTPS transparent proxy port.

• #custom_proxy ⇒ Object

  Custom HTTP transparent proxy address.

• #custom_proxy_port ⇒ Object

  Custom HTTP transparent proxy port.

• #custom_redirections ⇒ Object

  Custom list of redirections.

• #http_ports ⇒ Object

  List of HTTP ports, [ 80 ] by default.

• #https_ports ⇒ Object

  List of HTTPS ports, [ 443 ] by default.

• #proxy ⇒ Object

  If true, HTTP transparent proxy will be enabled.

• #proxy_https ⇒ Object

  If true, HTTPS transparent proxy will be enabled.

• #proxy_https_port ⇒ Object

  HTTPS proxy port.

• #proxy_module ⇒ Object

  File name of the transparent proxy module to load.

• #proxy_pem_file ⇒ Object

  File name of the PEM certificate to use for the HTTPS proxy.

• #proxy_port ⇒ Object

  HTTP proxy port.

• #proxy_upstream_address ⇒ Object

  If set, only this address will be redirected to the HTTP(S) proxiy.

• #sslstrip ⇒ Object

  If true, sslstrip is enabled.

• #tcp_proxy ⇒ Object

  If true, TCP proxy will be enabled.

• #tcp_proxy_module ⇒ Object

  TCP proxy module to load.

• #tcp_proxy_port ⇒ Object

  TCP proxy local port.

• #tcp_proxy_upstream_address ⇒ Object

  TCP proxy upstream server address.

• #tcp_proxy_upstream_port ⇒ Object

  TCP proxy upstream server port.

Class Method Summary

• .parse_ports(value) ⇒ Object

  Parse a comma separated list of ports and return an array containing only valid ports, raise BetterCap::Error if that array is empty.

Instance Method Summary

• #any? ⇒ Boolean
• #has_proxy_module? ⇒ Boolean

  Return true if a proxy module was specified, otherwise false.

• #initialize ⇒ ProxyOptions constructor

  A new instance of ProxyOptions.

• #parse!(ctx, opts) ⇒ Object
• #parse_custom_proxy!(value, https = false) ⇒ Object

  Setter for the #custom_proxy or #custom_https_proxy attribute, will raise a BetterCap::Error if value is not a valid IP address.

• #parse_redirection!(rule) ⇒ Object

  Parse a custom redirection rule.

• #sslstrip? ⇒ Boolean
• #validate!(ctx) ⇒ Object
• #validate_address(address, port = nil) ⇒ Object

Constructor Details

#initialize ⇒ ProxyOptions

Returns a new instance of ProxyOptions.

# File 'lib/bettercap/options/proxy_options.rb', line 60

def initialize
  @http_ports = [ 80 ]
  @https_ports = [ 443 ]
  @proxy = false
  @proxy_https = false
  @proxy_upstream_address = nil
  @proxy_port = 8080
  @proxy_https_port = 8083
  @proxy_pem_file = nil
  @proxy_module = nil
  @sslstrip = true
  @allow_local_connections = false

  @tcp_proxy = false
  @tcp_proxy_port = 2222
  @tcp_proxy_upstream_address = nil
  @tcp_proxy_upstream_port = nil
  @tcp_proxy_module = nil

  @custom_proxy = nil
  @custom_proxy_port = 8080

  @custom_https_proxy = nil
  @custom_https_proxy_port = 8083

  @custom_redirections = []
end

Instance Attribute Details

#allow_local_connections ⇒ Object

If true, direct connections to the IP of this machine will be allowed.

# File 'lib/bettercap/options/proxy_options.rb', line 38

def allow_local_connections
  @allow_local_connections
end

#custom_https_proxy ⇒ Object

Custom HTTPS transparent proxy address.

# File 'lib/bettercap/options/proxy_options.rb', line 54

def custom_https_proxy
  @custom_https_proxy
end

#custom_https_proxy_port ⇒ Object

Custom HTTPS transparent proxy port.

# File 'lib/bettercap/options/proxy_options.rb', line 56

def custom_https_proxy_port
  @custom_https_proxy_port
end

#custom_proxy ⇒ Object

Custom HTTP transparent proxy address.

# File 'lib/bettercap/options/proxy_options.rb', line 50

def custom_proxy
  @custom_proxy
end

#custom_proxy_port ⇒ Object

Custom HTTP transparent proxy port.

# File 'lib/bettercap/options/proxy_options.rb', line 52

def custom_proxy_port
  @custom_proxy_port
end

#custom_redirections ⇒ Object

Custom list of redirections.

# File 'lib/bettercap/options/proxy_options.rb', line 58

def custom_redirections
  @custom_redirections
end

#http_ports ⇒ Object

List of HTTP ports, [ 80 ] by default.

# File 'lib/bettercap/options/proxy_options.rb', line 26

def http_ports
  @http_ports
end

#https_ports ⇒ Object

List of HTTPS ports, [ 443 ] by default.

# File 'lib/bettercap/options/proxy_options.rb', line 30

def https_ports
  @https_ports
end

#proxy ⇒ Object

If true, HTTP transparent proxy will be enabled.

# File 'lib/bettercap/options/proxy_options.rb', line 18

def proxy
  @proxy
end

#proxy_https ⇒ Object

If true, HTTPS transparent proxy will be enabled.

# File 'lib/bettercap/options/proxy_options.rb', line 20

def proxy_https
  @proxy_https
end

#proxy_https_port ⇒ Object

HTTPS proxy port.

# File 'lib/bettercap/options/proxy_options.rb', line 28

def proxy_https_port
  @proxy_https_port
end

#proxy_module ⇒ Object

File name of the transparent proxy module to load.

# File 'lib/bettercap/options/proxy_options.rb', line 34

def proxy_module
  @proxy_module
end

#proxy_pem_file ⇒ Object

File name of the PEM certificate to use for the HTTPS proxy.

# File 'lib/bettercap/options/proxy_options.rb', line 32

def proxy_pem_file
  @proxy_pem_file
end

#proxy_port ⇒ Object

HTTP proxy port.

# File 'lib/bettercap/options/proxy_options.rb', line 24

def proxy_port
  @proxy_port
end

#proxy_upstream_address ⇒ Object

If set, only this address will be redirected to the HTTP(S) proxiy.

# File 'lib/bettercap/options/proxy_options.rb', line 22

def proxy_upstream_address
  @proxy_upstream_address
end

#sslstrip ⇒ Object

If true, sslstrip is enabled.

# File 'lib/bettercap/options/proxy_options.rb', line 36

def sslstrip
  @sslstrip
end

#tcp_proxy ⇒ Object

If true, TCP proxy will be enabled.

# File 'lib/bettercap/options/proxy_options.rb', line 40

def tcp_proxy
  @tcp_proxy
end

#tcp_proxy_module ⇒ Object

TCP proxy module to load.

# File 'lib/bettercap/options/proxy_options.rb', line 48

def tcp_proxy_module
  @tcp_proxy_module
end

#tcp_proxy_port ⇒ Object

TCP proxy local port.

# File 'lib/bettercap/options/proxy_options.rb', line 42

def tcp_proxy_port
  @tcp_proxy_port
end

#tcp_proxy_upstream_address ⇒ Object

TCP proxy upstream server address.

# File 'lib/bettercap/options/proxy_options.rb', line 44

def tcp_proxy_upstream_address
  @tcp_proxy_upstream_address
end

#tcp_proxy_upstream_port ⇒ Object

TCP proxy upstream server port.

# File 'lib/bettercap/options/proxy_options.rb', line 46

def tcp_proxy_upstream_port
  @tcp_proxy_upstream_port
end

Class Method Details

.parse_ports(value) ⇒ Object

Parse a comma separated list of ports and return an array containing only valid ports, raise BetterCap::Error if that array is empty.

Raises:

• (BetterCap::Error)

# File 'lib/bettercap/options/proxy_options.rb', line 250

def self.parse_ports(value)
  ports = []
  value.split(",").each do |v|
    v = v.strip.to_i
    if v > 0 and v <= 65535
      ports << v
    end
  end
  raise BetterCap::Error, 'Invalid ports specified.' if ports.empty?
  ports
end

Instance Method Details

#any? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bettercap/options/proxy_options.rb', line 295

def any?
  @proxy or @proxy_https or @tcp_proxy or @custom_proxy
end

#has_proxy_module? ⇒ Boolean

Return true if a proxy module was specified, otherwise false.

Returns:

• (Boolean)

# File 'lib/bettercap/options/proxy_options.rb', line 287

def has_proxy_module?
  !@proxy_module.nil?
end

#parse!(ctx, opts) ⇒ Object

# File 'lib/bettercap/options/proxy_options.rb', line 88

def parse!( ctx, opts )
  opts.separator ""
  opts.separator "PROXYING:".bold
  opts.separator ""

  opts.separator ""
  opts.separator "  TCP:"
  opts.separator ""

  opts.on( '--tcp-proxy', 'Enable TCP proxy ( requires other --tcp-proxy-* options to be specified ).' ) do
    @tcp_proxy = true
  end

  opts.on( '--tcp-proxy-module MODULE', "Ruby TCP proxy module to load." ) do |v|
    @tcp_proxy_module = File.expand_path(v)
    Proxy::TCP::Module.load( @tcp_proxy_module )
  end

  opts.on( '--tcp-proxy-port PORT', "Set local TCP proxy port, default to #{@tcp_proxy_port.to_s.yellow} ." ) do |v|
    raise BetterCap::Error, "Invalid port '#{v}' specified." unless Network::Validator.is_valid_port?(v)
    @tcp_proxy      = true
    @tcp_proxy_port = v.to_i
  end

  opts.on( '--tcp-proxy-upstream ADDRESS:PORT', 'Set TCP proxy upstream server address and port.' ) do |v|
    if v =~ /^(.+):(\d+)$/
      address = $1
      port    = $2
    else
      raise BetterCap::Error, "Invalid address and port specified, the correct syntax is ADDRESS:PORT ( i.e. 192.168.1.2:22 )."
    end

    address, port = validate_address address, port

    @tcp_proxy                  = true
    @tcp_proxy_upstream_address = address
    @tcp_proxy_upstream_port    = port.to_i
  end

  opts.on( '--tcp-proxy-upstream-address ADDRESS', 'Set TCP proxy upstream server address.' ) do |v|
    v, _ = validate_address v

    @tcp_proxy                  = true
    @tcp_proxy_upstream_address = v
  end

  opts.on( '--tcp-proxy-upstream-port PORT', 'Set TCP proxy upstream server port.' ) do |v|
    raise BetterCap::Error, "Invalid port '#{v}' specified." unless Network::Validator.is_valid_port?(v)
    @tcp_proxy               = true
    @tcp_proxy_upstream_port = v.to_i
  end

  opts.separator "  HTTP:"
  opts.separator ""

  opts.on( '--proxy', "Enable HTTP proxy and redirects all HTTP requests to it, default to #{'false'.yellow}." ) do
    @proxy = true
  end

  opts.on( '--proxy-port PORT', "Set HTTP proxy port, default to #{@proxy_port.to_s.yellow}." ) do |v|
    raise BetterCap::Error, "Invalid port '#{v}' specified." unless Network::Validator.is_valid_port?(v)
    @proxy = true
    @proxy_port = v.to_i
  end

  opts.on( '--allow-local-connections', "Allow direct connections to the proxy instance, default to #{@allow_local_connections.to_s.yellow}." ) do |v|
    @proxy = true
    @allow_local_connections = true
  end

  opts.on( '--no-sslstrip', 'Disable SSLStrip.' ) do
    @proxy    = true
    @sslstrip = false
  end

  opts.on( '--proxy-module MODULE', "Ruby proxy module to load, either a custom file or one of the following: #{Proxy::HTTP::Module.available.map{|x| x.yellow}.join(', ')}." ) do |v|
    Proxy::HTTP::Module.load(ctx, opts, v)
    @proxy = true
  end

  opts.on( '--http-ports PORT1,PORT2', "Comma separated list of HTTP ports to redirect to the proxy, default to #{@http_ports.map{|x| x.to_s.yellow }.join(', ')}." ) do |v|
    @http_ports = ProxyOptions.parse_ports( v )
    @proxy      = true
  end

  opts.on( '--proxy-upstream-address ADDRESS', 'If set, only requests coming from this server address will be redirected to the HTTP/HTTPS proxies.' ) do |v|
    v, _ = validate_address v
    @proxy_upstream_address = v
  end

  opts.separator ""
  opts.separator "  HTTPS:"
  opts.separator ""

  opts.on( '--proxy-https', "Enable HTTPS proxy and redirects all HTTPS requests to it, default to #{'false'.yellow}." ) do
    @proxy_https = true
  end

  opts.on( '--proxy-https-port PORT', "Set HTTPS proxy port, default to #{@proxy_https_port.to_s.yellow}." ) do |v|
    raise BetterCap::Error, "Invalid port '#{v}' specified." unless Network::Validator.is_valid_port?(v)
    @proxy_https = true
    @proxy_https_port = v.to_i
  end

  opts.on( '--proxy-pem FILE', "Use a custom PEM CA certificate file for the HTTPS proxy, default to #{Proxy::HTTP::SSL::Authority::DEFAULT.yellow} ." ) do |v|
    @proxy_https = true
    @proxy_pem_file = File.expand_path v
  end

  opts.on( '--https-ports PORT1,PORT2', "Comma separated list of HTTPS ports to redirect to the proxy, default to #{@https_ports.map{|x| x.to_s.yellow }.join(', ')}." ) do |v|
    @https_ports = ProxyOptions.parse_ports( v )
    @proxy_https = true
  end

  opts.separator ""
  opts.separator "  CUSTOM:"
  opts.separator ""

  opts.on( '--custom-proxy ADDRESS', 'Use a custom HTTP upstream proxy instead of the builtin one.' ) do |v|
    parse_custom_proxy!(v)
  end

  opts.on( '--custom-proxy-port PORT', "Specify a port for the custom HTTP upstream proxy, default to #{@custom_proxy_port.to_s.yellow}." ) do |v|
    raise BetterCap::Error, "Invalid port '#{v}' specified." unless Network::Validator.is_valid_port?(v)
    @custom_proxy_port = v.to_i
  end

  opts.on( '--custom-https-proxy ADDRESS', 'Use a custom HTTPS upstream proxy instead of the builtin one.' ) do |v|
    parse_custom_proxy!( v, true )
  end

  opts.on( '--custom-https-proxy-port PORT', "Specify a port for the custom HTTPS upstream proxy, default to #{@custom_https_proxy_port.to_s.yellow}." ) do |v|
    raise BetterCap::Error, "Invalid port '#{v}' specified." unless Network::Validator.is_valid_port?(v)
    @custom_https_proxy_port = v.to_i
  end

  opts.on( '--custom-redirection RULE', "Apply a custom port redirection, the format of the rule is #{'PROTOCOL ORIGINAL_PORT NEW_PORT'.yellow}. For instance #{'TCP 21 2100'.yellow} will redirect all TCP traffic going to port 21, to port 2100." ) do |v|
    parse_redirection!( v )
  end
end

#parse_custom_proxy!(value, https = false) ⇒ Object

Setter for the #custom_proxy or #custom_https_proxy attribute, will raise a BetterCap::Error if value is not a valid IP address.

Raises:

• (BetterCap::Error)

# File 'lib/bettercap/options/proxy_options.rb', line 264

def parse_custom_proxy!(value, https=false)
  raise BetterCap::Error, 'Invalid custom HTTP upstream proxy address specified.' unless Network::Validator.is_ip?(value)
  if https
    @custom_https_proxy = value
  else
    @custom_proxy = value
  end
end

#parse_redirection!(rule) ⇒ Object

Parse a custom redirection rule.

# File 'lib/bettercap/options/proxy_options.rb', line 274

def parse_redirection!(rule)
  if rule =~ /^((TCP)|(UDP))\s+(\d+)\s+(\d+)$/i
    @custom_redirections << {
      :proto => $1.upcase,
      :from  => $4.to_i,
      :to    => $5.to_i
    }
  else
    raise BetterCap::Error, 'Invalid custom redirection rule specified.'
  end
end

#sslstrip? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/bettercap/options/proxy_options.rb', line 291

def sslstrip?
  @proxy and @sslstrip
end

#validate!(ctx) ⇒ Object

# File 'lib/bettercap/options/proxy_options.rb', line 229

def validate!( ctx )
  if @tcp_proxy
    raise BetterCap::Error, "No TCP proxy port specified ( --tcp-proxy-port PORT )." if @tcp_proxy_port.nil?
    raise BetterCap::Error, "No TCP proxy upstream server address specified ( --tcp-proxy-upstream-address ADDRESS )." if @tcp_proxy_upstream_address.nil?
    raise BetterCap::Error, "No TCP proxy upstream server port specified ( --tcp-proxy-upstream-port PORT )." if @tcp_proxy_upstream_port.nil?
  end

  if @proxy and @sslstrip and ctx.options.servers.dnsd
    raise BetterCap::Error, "SSL Stripping and builtin DNS server are mutually exclusive features, " \
                            "either use the --no-sslstrip option or remove the --dns option."
  end

  if has_proxy_module? and ( !@proxy and !@proxy_https )
    raise BetterCap::Error, "A proxy module was specified but none of the HTTP or HTTPS proxies are " \
                            "enabled, specify --proxy or --proxy-https options."
  end

end

#validate_address(address, port = nil) ⇒ Object

Raises:

• (BetterCap::Error)

# File 'lib/bettercap/options/proxy_options.rb', line 299

def validate_address( address, port = nil )
  unless Network::Validator.is_ip?(address)
    begin
      address = IPSocket.getaddress address
    rescue SocketError
      raise BetterCap::Error, "Could not resolve '#{address}' to a valid ip address."
    end
  end

  raise BetterCap::Error, "Invalid port '#{port}' specified." unless port.nil? or Network::Validator.is_valid_port?(port)

  [ address, port ]
end